Copyright Statement

Abstract

Information Technology control frameworks such as the Control Objectives for Information and Related Technology (COBIT) are designed to promote effective IT governance. This paper guides future scholarly evaluations of COBIT by identifying gaps in, and facilitating, research. It uses a framework to update a classification of the COBIT literature, by examining publications that report on how COBIT has been used in organisations. The findings from content analysis of extensive printed resources carried out on three occasions between 2003 and 2006 suggest that very few academically-focused evaluations of COBIT implementations have been undertaken, despite COBIT's extensive use in organisations throughout the world. Analysis points to growing acceptance of COBIT by both academics and practitioners, as well as a maturation in practitioner discussion of the framework. However, considerable potential exists for academic research that evaluates COBIT's effectiveness, to determine COBIT's value for organisations.